[Oraclevm-errata] OVMSA-2022-0007 Important: Oracle VM 3 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Thu Feb 17 02:40:27 UTC 2022
Oracle VM Security Advisory OVMSA-2022-0007
The following updated rpms for Oracle VM 3 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-4.1.12-124.60.1.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.60.1.el6uek.noarch.rpm
Related CVEs:
CVE-2021-4155
CVE-2021-1048
CVE-2021-3752
CVE-2021-3753
CVE-2021-0129
CVE-2021-20321
Description of changes:
[4.1.12-124.60.1.el6uek]
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Darrick J. Wong) [Orabug: 33699627] [Orabug: 33762471] {CVE-2021-4155}
- fix regression in "epoll: Keep a reference on files added to the check list" (Al Viro) [Orabug: 33679854] [Orabug: 33762505] {CVE-2021-1048} {CVE-2021-1048}
- Bluetooth: fix use-after-free error in lock_sock_nested() (Wang ShaoBo) [Orabug: 33406421] {CVE-2021-3752}
- vt_kdsetmode: extend console locking (Linus Torvalds) [Orabug: 33406445] {CVE-2021-3753}
- Bluetooth: SMP: Fail if remote and local public keys are identical (Luiz Augusto von Dentz) [Orabug: 33556779] {CVE-2021-0129}
- Bluetooth: use constant time memory comparison for secret values (Jason A. Donenfeld) [Orabug: 33556779] {CVE-2021-0129}
- Bluetooth: Add bt_dev logging macros (Loic Poulain) [Orabug: 33556779] {CVE-2021-0129}
- ovl: fix missing negative dentry check in ovl_rename() (Zheng Liang) [Orabug: 33694378] {CVE-2021-20321}
More information about the Oraclevm-errata
mailing list